Find out why ransomware is such a challenge for businesses in South Africa, and what you can do to ensure your company’s transactional data is out of harm’s way.
You’ve probably seen this before in an action movie: A cyber terrorist hijacks the Pentagon or Whitehouse or ‘blue-chip’ company’s data files, much to everyone’s shock and dismay. Dramatic music builds in the background as spectacled and bearded IT boffs sweat it out, crack a few jokes and, in the knick-of-time, crack the code and save the ‘world’.
It’s not like that in real life – especially in business.
Why you need to guard against ransomware
More and more South African business owners attest to it. Its rather low key in fact; you walk into your office one day - as every other day - but notice the slightly frozen-in-the-headlights expression on your team’s faces, and you know something is horribly wrong.
Then the designated soul says the words you didn’t know you should dread, “They’ve encrypted all our files and want money for the key.” There’s no music, no bearded boffs, just you and an awful sinking feeling in your stomach as your business grinds to an ungainly halt.
You’re not alone. According to Check Point’s report issued recently, South Africa has moved up the list of 117 most attacked countries from 58th position to number 31 in November last year, and we’re steadily climbing with more and more reports of ransomware attacks occurring daily.
Related: Why data security should be a priority for all businesses
How it happens
Usually ransomware penetrates a business’s defences dressed up in an innocent-looking link or attachment on a spam email. Also through visits or clicks on dodgy websites.
Once it is installed and activated, all (as in, all) the files on your server are encrypted and locked. Demands for large payments, usually in a surprisingly non-threatening tone, follow. They state the amount to be paid, typically in the form of untraceable bitcoins, in order to regain access to the encrypted files.
As an all-too-frequent bonus, once payment is made, an additional request for money is issued, presumably because the original amount was paid too swiftly - and is therefore deemed to have been too affordable.
The true cost of ransomware
Usually, it is not so much the ransom itself, but business downtime and other consequences that really hurts your company. The unexpected cost of the ransom will sting, sure, but the knock-on effects of the attack often pose a bigger threat.
- Lost business time. No access to files and data means no business transactions can be made, which hurts the bottom line big time. The city of San Francisco was forced to give free rides to all commuters after ransomware hit their transportation system.
- Downtime. Most of your employees will not be able to work, and you face significant productivity losses, regardless of whether you pay the ransom or not.
- Possible loss of critical data. Some companies only back up their financial data leaving other business-critical data exposed and vulnerable.
Related: Ensure your data does not walk out the door with your employees
How to protect your business
- Train your team. One key element of protecting your business against ransomware and other malware attacks is security awareness training, which is key to preventing employees from clicking on phishing links in emails.
- Cloud hosting. Hosting your business data off-site and in the Cloud is a robust security measure against ransomware attacks. “Security at our data centre is paramount,” says Michael Osterloh, founder and managing director of HostAfrica, a growing Cloud hosting company based in Cape Town. “This is the real deal. High tech security safeguards our hardware, and aggressive software security measures keeps the integrity of data sound, so you don’t have to worry about losing data or connectivity.”
The hosted (Cloud) servers are protected against malware by a team of specialists who take responsibility for ensuring that the servers always have the latest updates, are backed up offsite and monitored for any untoward activity. This means that, even if a business’s files are attacked, the backed-up data will be restored within 30 minutes and they can put their business back on its feet again with very little downtime, data loss and productivity deficit.
- Remote. Probably the biggest risk is exposing your business data through unprotected remote access. We recommend using RemoteApp, which enables you to make programs that are accessed remotely through Remote Desktop. Services appear as if they are running on a local computer.
- Layers. There is no complete malware protection package available. Because this is a constantly-evolving threat, each side of the fence is forever playing catch up with each other. Using tools like CryptoPrevent combined with a sharpened awareness to security protocol will ensure your company is better prepared and armed against potential attack.
To stay clear and safe of the risk of ransomware, it is best you employ a layered security approach, combined with comprehensive backup software that is tested regularly, and user education focusing - at a minimum - on safe web browsing and email usage habits.